[Security] DNS TXT challenge for web pentest authorization
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
AI coding assistants like Claude are capable of performing deep security
assessments — vulnerability scanning, fuzzing, injection testing,
authentication bypass attempts — on any web target provided by a user. There
is currently no built-in mechanism to verify that the user actually owns or
has explicit authorization over the target domain before the assistant
proceeds.
This creates a real risk of misuse: a malicious actor could instruct the
assistant to conduct a thorough penetration test against a third-party website
or application, leveraging the assistant's technical capabilities for
unauthorized attacks while maintaining plausible deniability ("I just asked an
AI to help me").
Proposed Solution
Before executing any deep pentest or security audit on a web target, Claude
should:
- Generate a cryptographically random one-time token (e.g. pentest-auth-<32
hex chars>)
- Instruct the user to publish it as a DNS TXT record on the target domain
(e.g. _claude-auth.target.com TXT "pentest-auth-a3f9...")
- Verify its presence using dig +short TXT _claude-auth.target.com before
proceeding
- Invalidate the token immediately after the first successful verification —
it cannot be reused for a second request
Why this works:
Only someone with actual DNS control over a domain can publish a TXT record.
This is the same proof-of-ownership model used by Let's Encrypt (ACME DNS-01
challenge), Google Search Console, and domain verification systems across the
industry. It is a well-understood, low-friction, and technically sound
authorization gate.
Alternative Solutions
_No response_
Priority
Critical - Blocking my work
Feature Category
CLI commands and flags
Use Case Example
Closes a meaningful abuse vector while adding minimal friction for legitimate
security professionals who already manage DNS for their clients or own
infrastructure.
Additional Context
Before performing a deep penetration test on a web application, Claude
▎ should generate a random one-time token and require the requester to publish
▎ it as a DNS TXT record on the target domain. Claude then verifies its
▎ presence via dig TXT before proceeding. This proves domain ownership and
▎ prevents unauthorized pentest requests on third-party domains.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗